Commit 423eee0b authored by David Woodhouse's avatar David Woodhouse

Add openconnect_vpninfo_new_with_cbdata() function to ease C++ integration

C++ callers really want the 'self' object pointer to be the first argument
of the callbacks. Give them the chance to get that, instead of the vpninfo
pointer.

Preserve the old openconnect_vpninfo_new() call, even with the same
prototype for the callback functions, for compatibility with the existing
GNOME auth-dialog.
Signed-off-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
parent 790bb5ba
......@@ -121,7 +121,7 @@ static int parse_auth_choice(struct openconnect_info *vpninfo, struct oc_auth_fo
opt->form.label = (char *)xmlGetProp(xml_node, (unsigned char *)"label");
if (!opt->form.name) {
vpninfo->progress(vpninfo, PRG_ERR, "Form choice has no name\n");
vpn_progress(vpninfo, PRG_ERR, "Form choice has no name\n");
free(opt);
return -EINVAL;
}
......@@ -184,13 +184,13 @@ static int parse_form(struct openconnect_info *vpninfo, struct oc_auth_form *for
continue;
}
if (strcmp((char *)xml_node->name, "input")) {
vpninfo->progress(vpninfo, PRG_TRACE, "name %s not input\n", xml_node->name);
vpn_progress(vpninfo, PRG_TRACE, "name %s not input\n", xml_node->name);
continue;
}
input_type = (char *)xmlGetProp(xml_node, (unsigned char *)"type");
if (!input_type) {
vpninfo->progress(vpninfo, PRG_INFO, "No input type in form\n");
vpn_progress(vpninfo, PRG_INFO, "No input type in form\n");
continue;
}
......@@ -201,7 +201,7 @@ static int parse_form(struct openconnect_info *vpninfo, struct oc_auth_form *for
input_name = (char *)xmlGetProp(xml_node, (unsigned char *)"name");
if (!input_name) {
vpninfo->progress(vpninfo, PRG_INFO, "No input name in form\n");
vpn_progress(vpninfo, PRG_INFO, "No input name in form\n");
free(input_type);
continue;
}
......@@ -223,7 +223,7 @@ static int parse_form(struct openconnect_info *vpninfo, struct oc_auth_form *for
else if (!strcmp(input_type, "password"))
opt->type = OC_FORM_OPT_PASSWORD;
else {
vpninfo->progress(vpninfo, PRG_INFO,
vpn_progress(vpninfo, PRG_INFO,
"Unknown input type %s in form\n",
input_type);
free(input_type);
......@@ -244,7 +244,7 @@ static int parse_form(struct openconnect_info *vpninfo, struct oc_auth_form *for
*p = opt;
}
vpninfo->progress(vpninfo, PRG_TRACE, "Fixed options give %s\n", body);
vpn_progress(vpninfo, PRG_TRACE, "Fixed options give %s\n", body);
return 0;
}
......@@ -316,15 +316,15 @@ int parse_xml_response(struct openconnect_info *vpninfo, char *response,
xml_doc = xmlReadMemory(response, strlen(response), "noname.xml", NULL, 0);
if (!xml_doc) {
vpninfo->progress(vpninfo, PRG_ERR, "Failed to parse server response\n");
vpninfo->progress(vpninfo, PRG_TRACE, "Response was:%s\n", response);
vpn_progress(vpninfo, PRG_ERR, "Failed to parse server response\n");
vpn_progress(vpninfo, PRG_TRACE, "Response was:%s\n", response);
free(form);
return -EINVAL;
}
xml_node = xmlDocGetRootElement(xml_doc);
if (xml_node->type != XML_ELEMENT_NODE || strcmp((char *)xml_node->name, "auth")) {
vpninfo->progress(vpninfo, PRG_ERR, "XML response has no \"auth\" root node\n");
vpn_progress(vpninfo, PRG_ERR, "XML response has no \"auth\" root node\n");
ret = -EINVAL;
goto out;
}
......@@ -336,7 +336,7 @@ int parse_xml_response(struct openconnect_info *vpninfo, char *response,
}
if (vpninfo->nopasswd) {
vpninfo->progress(vpninfo, PRG_ERR, "Asked for password but '--no-passwd' set\n");
vpn_progress(vpninfo, PRG_ERR, "Asked for password but '--no-passwd' set\n");
ret = -EPERM;
goto out;
}
......@@ -360,7 +360,7 @@ int parse_xml_response(struct openconnect_info *vpninfo, char *response,
form->action = (char *)xmlGetProp(xml_node, (unsigned char *)"action");
if (!form->method || !form->action ||
strcasecmp(form->method, "POST") || !form->action[0]) {
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"Cannot handle form method='%s', action='%s'\n",
form->method, form->action);
ret = -EINVAL;
......@@ -407,15 +407,15 @@ int parse_xml_response(struct openconnect_info *vpninfo, char *response,
}
if (!form->opts) {
if (form->message)
vpninfo->progress(vpninfo, PRG_INFO, "%s\n", form->message);
vpn_progress(vpninfo, PRG_INFO, "%s\n", form->message);
if (form->error)
vpninfo->progress(vpninfo, PRG_ERR, "%s\n", form->error);
vpn_progress(vpninfo, PRG_ERR, "%s\n", form->error);
ret = -EPERM;
goto out;
}
if (vpninfo->process_auth_form)
ret = vpninfo->process_auth_form(vpninfo, form);
ret = vpninfo->process_auth_form(vpninfo->cbdata, form);
else
ret = process_auth_form(vpninfo, form);
if (ret)
......@@ -481,7 +481,7 @@ static int process_auth_form(struct openconnect_info *vpninfo,
choice_resp[0] = 0;
if (!ui) {
vpninfo->progress(vpninfo, PRG_ERR, "Failed to create UI\n");
vpn_progress(vpninfo, PRG_ERR, "Failed to create UI\n");
return -EINVAL;
}
if (form->banner) {
......@@ -523,7 +523,7 @@ static int process_auth_form(struct openconnect_info *vpninfo,
}
}
if (!opt->value)
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"Auth choice \"%s\" not available\n",
vpninfo->authgroup);
}
......@@ -604,7 +604,7 @@ static int process_auth_form(struct openconnect_info *vpninfo,
goto out_ui;
case -1:
/* error */
vpninfo->progress(vpninfo, PRG_ERR, "Invalid inputs\n");
vpn_progress(vpninfo, PRG_ERR, "Invalid inputs\n");
ret = -EINVAL;
out_ui:
UI_free(ui);
......@@ -626,7 +626,7 @@ static int process_auth_form(struct openconnect_info *vpninfo,
}
}
if (!select_opt->form.value) {
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"Auth choice \"%s\" not valid\n",
choice_resp);
return -EINVAL;
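Review bot: The "Cannot handle form" message in parse_xml_response() passes `form->method` and `form->action` to `%s` inside a branch that is entered precisely when either of them may be NULL, and a NULL argument to `%s` is undefined behaviour. Since this commit routes the call through `vpn_progress()` to an application-supplied callback, it can no longer be assumed that the formatter prints "(null)" as glibc does. Guard both arguments, in the `?:` style already used elsewhere in this commit: `form->method?:"(none)", form->action?:"(none)");`. The function body starts and ends outside this hunk.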
......
This diff is collapsed.
......@@ -113,21 +113,21 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
int dtls_fd;
if (!vpninfo->dtls_addr) {
vpninfo->progress(vpninfo, PRG_ERR, "No DTLS address\n");
vpn_progress(vpninfo, PRG_ERR, "No DTLS address\n");
vpninfo->dtls_attempt_period = 0;
return -EINVAL;
}
if (!vpninfo->dtls_cipher) {
/* We probably didn't offer it any ciphers it liked */
vpninfo->progress(vpninfo, PRG_ERR, "Server offered no DTLS cipher option\n");
vpn_progress(vpninfo, PRG_ERR, "Server offered no DTLS cipher option\n");
vpninfo->dtls_attempt_period = 0;
return -EINVAL;
}
if (vpninfo->proxy) {
/* XXX: Theoretically, SOCKS5 proxies can do UDP too */
vpninfo->progress(vpninfo, PRG_ERR, "No DTLS when connected via proxy\n");
vpn_progress(vpninfo, PRG_ERR, "No DTLS when connected via proxy\n");
vpninfo->dtls_attempt_period = 0;
return -EINVAL;
}
......@@ -150,7 +150,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
dtls_method = DTLSv1_client_method();
vpninfo->dtls_ctx = SSL_CTX_new(dtls_method);
if (!vpninfo->dtls_ctx) {
vpninfo->progress(vpninfo, PRG_ERR, "Initialise DTLSv1 CTX failed\n");
vpn_progress(vpninfo, PRG_ERR, "Initialise DTLSv1 CTX failed\n");
vpninfo->dtls_attempt_period = 0;
return -EINVAL;
}
......@@ -160,7 +160,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
SSL_CTX_set_read_ahead(vpninfo->dtls_ctx, 1);
if (!SSL_CTX_set_cipher_list(vpninfo->dtls_ctx, vpninfo->dtls_cipher)) {
vpninfo->progress(vpninfo, PRG_ERR, "Set DTLS cipher list failed\n");
vpn_progress(vpninfo, PRG_ERR, "Set DTLS cipher list failed\n");
SSL_CTX_free(vpninfo->dtls_ctx);
vpninfo->dtls_ctx = NULL;
vpninfo->dtls_attempt_period = 0;
......@@ -172,7 +172,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
/* We're going to "resume" a session which never existed. Fake it... */
vpninfo->dtls_session = SSL_SESSION_new();
if (!vpninfo->dtls_session) {
vpninfo->progress(vpninfo, PRG_ERR, "Initialise DTLSv1 session failed\n");
vpn_progress(vpninfo, PRG_ERR, "Initialise DTLSv1 session failed\n");
vpninfo->dtls_attempt_period = 0;
return -EINVAL;
}
......@@ -193,7 +193,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
ciphers = SSL_get_ciphers(dtls_ssl);
if (sk_SSL_CIPHER_num(ciphers) != 1) {
vpninfo->progress(vpninfo, PRG_ERR, "Not precisely one DTLS cipher\n");
vpn_progress(vpninfo, PRG_ERR, "Not precisely one DTLS cipher\n");
SSL_CTX_free(vpninfo->dtls_ctx);
SSL_free(dtls_ssl);
SSL_SESSION_free(vpninfo->dtls_session);
......@@ -210,7 +210,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
/* Add the generated session to the SSL */
if (!SSL_set_session(dtls_ssl, vpninfo->dtls_session)) {
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"SSL_set_session() failed with old protocol version 0x%x\n"
"Are you using a version of OpenSSL older than 0.9.8m?\n"
"See http://rt.openssl.org/Ticket/Display.html?id=1751\n"
......@@ -254,7 +254,7 @@ int dtls_try_handshake(struct openconnect_info *vpninfo)
int ret = SSL_do_handshake(vpninfo->new_dtls_ssl);
if (ret == 1) {
vpninfo->progress(vpninfo, PRG_INFO, "Established DTLS connection\n");
vpn_progress(vpninfo, PRG_INFO, "Established DTLS connection\n");
if (vpninfo->dtls_ssl) {
/* We are replacing an old connection */
......@@ -279,10 +279,10 @@ int dtls_try_handshake(struct openconnect_info *vpninfo)
if (ret == SSL_ERROR_WANT_WRITE || ret == SSL_ERROR_WANT_READ) {
if (time(NULL) < vpninfo->new_dtls_started + 5)
return 0;
vpninfo->progress(vpninfo, PRG_TRACE, "DTLS handshake timed out\n");
vpn_progress(vpninfo, PRG_TRACE, "DTLS handshake timed out\n");
}
vpninfo->progress(vpninfo, PRG_ERR, "DTLS handshake failed: %d\n", ret);
vpn_progress(vpninfo, PRG_ERR, "DTLS handshake failed: %d\n", ret);
report_ssl_errors(vpninfo);
/* Kill the new (failed) connection... */
......@@ -332,7 +332,7 @@ int setup_dtls(struct openconnect_info *vpninfo)
int dtls_port = 0;
while (dtls_opt) {
vpninfo->progress(vpninfo, PRG_TRACE,
vpn_progress(vpninfo, PRG_TRACE,
"DTLS option %s : %s\n",
dtls_opt->option, dtls_opt->value);
......@@ -371,7 +371,7 @@ int setup_dtls(struct openconnect_info *vpninfo)
struct sockaddr_in6 *sin = (void *)vpninfo->dtls_addr;
sin->sin6_port = htons(dtls_port);
} else {
vpninfo->progress(vpninfo, PRG_ERR, "Unknown protocol family %d. Cannot do DTLS\n",
vpn_progress(vpninfo, PRG_ERR, "Unknown protocol family %d. Cannot do DTLS\n",
vpninfo->peer_addr->sa_family);
vpninfo->dtls_attempt_period = 0;
return -EINVAL;
......@@ -380,7 +380,7 @@ int setup_dtls(struct openconnect_info *vpninfo)
if (connect_dtls_socket(vpninfo))
return -EINVAL;
vpninfo->progress(vpninfo, PRG_TRACE,
vpn_progress(vpninfo, PRG_TRACE,
"DTLS connected. DPD %d, Keepalive %d\n",
vpninfo->dtls_times.dpd, vpninfo->dtls_times.keepalive);
......@@ -396,7 +396,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
while ( (len = SSL_read(vpninfo->dtls_ssl, buf, sizeof(buf))) > 0 ) {
vpninfo->progress(vpninfo, PRG_TRACE,
vpn_progress(vpninfo, PRG_TRACE,
"Received DTLS packet 0x%02x of %d bytes\n",
buf[0], len);
......@@ -409,24 +409,24 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
break;
case AC_PKT_DPD_OUT:
vpninfo->progress(vpninfo, PRG_TRACE, "Got DTLS DPD request\n");
vpn_progress(vpninfo, PRG_TRACE, "Got DTLS DPD request\n");
/* FIXME: What if the packet doesn't get through? */
magic_pkt = AC_PKT_DPD_RESP;
if (SSL_write(vpninfo->dtls_ssl, &magic_pkt, 1) != 1)
vpninfo->progress(vpninfo, PRG_ERR, "Failed to send DPD response. Expect disconnect\n");
vpn_progress(vpninfo, PRG_ERR, "Failed to send DPD response. Expect disconnect\n");
continue;
case AC_PKT_DPD_RESP:
vpninfo->progress(vpninfo, PRG_TRACE, "Got DTLS DPD response\n");
vpn_progress(vpninfo, PRG_TRACE, "Got DTLS DPD response\n");
break;
case AC_PKT_KEEPALIVE:
vpninfo->progress(vpninfo, PRG_TRACE, "Got DTLS Keepalive\n");
vpn_progress(vpninfo, PRG_TRACE, "Got DTLS Keepalive\n");
break;
default:
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"Unknown DTLS packet type %02x, len %d\n", buf[0], len);
if (1) {
/* Some versions of OpenSSL have bugs with receiving out-of-order
......@@ -445,18 +445,18 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
switch (keepalive_action(&vpninfo->dtls_times, timeout)) {
case KA_REKEY:
vpninfo->progress(vpninfo, PRG_INFO, "DTLS rekey due\n");
vpn_progress(vpninfo, PRG_INFO, "DTLS rekey due\n");
/* There ought to be a method of rekeying DTLS without tearing down
the CSTP session and restarting, but we don't (yet) know it */
if (cstp_reconnect(vpninfo)) {
vpninfo->progress(vpninfo, PRG_ERR, "Reconnect failed\n");
vpn_progress(vpninfo, PRG_ERR, "Reconnect failed\n");
vpninfo->quit_reason = "CSTP reconnect failed";
return 1;
}
if (dtls_restart(vpninfo)) {
vpninfo->progress(vpninfo, PRG_ERR, "DTLS rekey failed\n");
vpn_progress(vpninfo, PRG_ERR, "DTLS rekey failed\n");
return 1;
}
work_done = 1;
......@@ -464,13 +464,13 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
case KA_DPD_DEAD:
vpninfo->progress(vpninfo, PRG_ERR, "DTLS Dead Peer Detection detected dead peer!\n");
vpn_progress(vpninfo, PRG_ERR, "DTLS Dead Peer Detection detected dead peer!\n");
/* Fall back to SSL, and start a new DTLS connection */
dtls_restart(vpninfo);
return 1;
case KA_DPD:
vpninfo->progress(vpninfo, PRG_TRACE, "Send DTLS DPD\n");
vpn_progress(vpninfo, PRG_TRACE, "Send DTLS DPD\n");
magic_pkt = AC_PKT_DPD_OUT;
SSL_write(vpninfo->dtls_ssl, &magic_pkt, 1);
......@@ -485,7 +485,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
if (vpninfo->outgoing_queue)
break;
vpninfo->progress(vpninfo, PRG_TRACE, "Send DTLS Keepalive\n");
vpn_progress(vpninfo, PRG_TRACE, "Send DTLS Keepalive\n");
magic_pkt = AC_PKT_KEEPALIVE;
SSL_write(vpninfo->dtls_ssl, &magic_pkt, 1);
......@@ -515,7 +515,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
/* If it's a real error, kill the DTLS connection and
requeue the packet to be sent over SSL */
if (ret != SSL_ERROR_WANT_READ && ret != SSL_ERROR_WANT_WRITE) {
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"DTLS got write error %d. Falling back to SSL\n", ret);
report_ssl_errors(vpninfo);
dtls_restart(vpninfo);
......@@ -525,7 +525,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
return 1;
}
time(&vpninfo->dtls_times.last_tx);
vpninfo->progress(vpninfo, PRG_TRACE,
vpn_progress(vpninfo, PRG_TRACE,
"Sent DTLS packet of %d bytes; SSL_write() returned %d\n",
this->len, ret);
free(this);
......@@ -536,7 +536,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
#else /* No DTLS support in OpenSSL */
int setup_dtls(struct openconnect_info *vpninfo)
{
vpninfo->progress(vpninfo, PRG_ERR, "Built against OpenSSL with no DTLS support\n");
vpn_progress(vpninfo, PRG_ERR, "Built against OpenSSL with no DTLS support\n");
return -EINVAL;
}
#endif
......
This diff is collapsed.
......@@ -24,11 +24,12 @@
#include "openconnect-internal.h"
struct openconnect_info *openconnect_vpninfo_new (char *useragent,
openconnect_validate_peer_cert_fn validate_peer_cert,
openconnect_write_new_config_fn write_new_config,
openconnect_process_auth_form_fn process_auth_form,
openconnect_progress_fn progress)
struct openconnect_info *openconnect_vpninfo_new_with_cbdata (char *useragent,
openconnect_validate_peer_cert_vfn validate_peer_cert,
openconnect_write_new_config_vfn write_new_config,
openconnect_process_auth_form_vfn process_auth_form,
openconnect_progress_vfn progress,
void *privdata)
{
struct openconnect_info *vpninfo = calloc (sizeof(*vpninfo), 1);
......@@ -39,10 +40,24 @@ struct openconnect_info *openconnect_vpninfo_new (char *useragent,
vpninfo->write_new_config = write_new_config;
vpninfo->process_auth_form = process_auth_form;
vpninfo->progress = progress;
vpninfo->cbdata = privdata?:vpninfo;
return vpninfo;
}
struct openconnect_info *openconnect_vpninfo_new (char *useragent,
openconnect_validate_peer_cert_fn validate_peer_cert,
openconnect_write_new_config_fn write_new_config,
openconnect_process_auth_form_fn process_auth_form,
openconnect_progress_fn progress)
{
return openconnect_vpninfo_new_with_cbdata (useragent,
(void *)validate_peer_cert,
(void *)write_new_config,
(void *)process_auth_form,
(void *)progress, NULL);
}
static void free_optlist (struct vpn_option *opt)
{
struct vpn_option *next;
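Review bot: The compatibility wrapper `openconnect_vpninfo_new()` passes its four callbacks through `(void *)`, which switches off type checking at that call and relies on a function-pointer to object-pointer conversion that ISO C does not define. Casting to the destination type keeps the conversion well defined and makes the intent visible, e.g. `(openconnect_validate_peer_cert_vfn)validate_peer_cert,` and likewise for the other three arguments. The callbacks are then still called through a type whose first parameter is `void *` rather than `struct openconnect_info *`, so a short comment above the wrapper should state that this relies on both pointer types sharing representation and calling convention on supported platforms. It is also worth documenting next to `vpninfo->cbdata = privdata?:vpninfo;` that a NULL `privdata` is silently replaced by the vpninfo pointer.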
......
......@@ -46,10 +46,14 @@
#include "openconnect-internal.h"
static int write_new_config(struct openconnect_info *vpninfo, char *buf, int buflen);
static void write_progress(struct openconnect_info *info, int level, const char *fmt, ...);
static void syslog_progress(struct openconnect_info *info, int level, const char *fmt, ...);
static int validate_peer_cert(struct openconnect_info *info, X509 *peer_cert, const char *reason);
static int write_new_config(void *_vpninfo,
char *buf, int buflen);
static void write_progress(void *_vpninfo,
int level, const char *fmt, ...);
static void syslog_progress(void *_vpninfo,
int level, const char *fmt, ...);
static int validate_peer_cert(void *_vpninfo,
X509 *peer_cert, const char *reason);
int verbose = PRG_INFO;
int background;
......@@ -245,6 +249,7 @@ int main(int argc, char **argv)
vpninfo->uid_csd = 0;
vpninfo->uid_csd_given = 0;
vpninfo->validate_peer_cert = validate_peer_cert;
vpninfo->cbdata = vpninfo;
if (!uname(&utsbuf))
vpninfo->localname = utsbuf.nodename;
......@@ -545,7 +550,7 @@ int main(int argc, char **argv)
if (vpninfo->dtls_attempt_period && setup_dtls(vpninfo))
fprintf(stderr, "Set up DTLS failed; using SSL instead\n");
vpninfo->progress(vpninfo, PRG_INFO,
vpn_progress(vpninfo, PRG_INFO,
"Connected %s as %s%s%s, using %s\n", vpninfo->ifname,
vpninfo->vpn_addr?:"",
(vpninfo->vpn_addr6 && vpninfo->vpn_addr)?" + ":"",
......@@ -555,13 +560,13 @@ int main(int argc, char **argv)
: "DTLS");
if (!vpninfo->vpnc_script)
vpninfo->progress(vpninfo, PRG_INFO,
vpn_progress(vpninfo, PRG_INFO,
"No --script argument provided; DNS and routing are not configured\n");
if (background) {
int pid;
if ((pid = fork())) {
vpninfo->progress(vpninfo, PRG_INFO,
vpn_progress(vpninfo, PRG_INFO,
"Continuing in background; pid %d\n",
pid);
exit(0);
......@@ -571,8 +576,9 @@ int main(int argc, char **argv)
exit(1);
}
static int write_new_config(struct openconnect_info *vpninfo, char *buf, int buflen)
static int write_new_config(void *_vpninfo, char *buf, int buflen)
{
struct openconnect_info *vpninfo = _vpninfo;
int config_fd;
int err;
......@@ -596,7 +602,7 @@ static int write_new_config(struct openconnect_info *vpninfo, char *buf, int buf
return 0;
}
void write_progress(struct openconnect_info *info, int level, const char *fmt, ...)
void write_progress(void *_vpninfo, int level, const char *fmt, ...)
{
FILE *outf = level ? stdout : stderr;
va_list args;
......@@ -608,8 +614,7 @@ void write_progress(struct openconnect_info *info, int level, const char *fmt, .
}
}
void syslog_progress(struct openconnect_info *info, int level,
const char *fmt, ...)
void syslog_progress(void *_vpninfo, int level, const char *fmt, ...)
{
int priority = level ? LOG_INFO : LOG_NOTICE;
va_list args;
......@@ -628,9 +633,10 @@ struct accepted_cert {
char host[0];
} *accepted_certs;
static int validate_peer_cert(struct openconnect_info *vpninfo, X509 *peer_cert,
static int validate_peer_cert(void *_vpninfo, X509 *peer_cert,
const char *reason)
{
struct openconnect_info *vpninfo = _vpninfo;
char fingerprint[EVP_MAX_MD_SIZE * 2 + 1];
struct accepted_cert *this;
int ret;
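Review bot: `write_new_config()` and `validate_peer_cert()` now convert their `void *_vpninfo` argument straight back to `struct openconnect_info *`, so they depend entirely on `vpninfo->cbdata = vpninfo;` having run before the first callback fires. main() fills the structure in by hand rather than through `openconnect_vpninfo_new()`, and the assignment sits among the later field initialisers. Whether anything can call `vpn_progress()` or a callback before that line is not visible in these hunks. Moving the assignment to immediately after the allocation would remove the ordering dependency, with a comment such as `/* callbacks receive cbdata as their first argument; set it before anything can log */`.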
......
......@@ -86,7 +86,7 @@ int vpn_mainloop(struct openconnect_info *vpninfo)
if (vpninfo->dtls_attempt_period && !vpninfo->dtls_ssl && !vpninfo->new_dtls_ssl &&
vpninfo->new_dtls_started + vpninfo->dtls_attempt_period < time(NULL)) {
vpninfo->progress(vpninfo, PRG_TRACE, "Attempt new DTLS connection\n");
vpn_progress(vpninfo, PRG_TRACE, "Attempt new DTLS connection\n");
connect_dtls_socket(vpninfo);
}
if (vpninfo->dtls_ssl)
......@@ -118,7 +118,7 @@ int vpn_mainloop(struct openconnect_info *vpninfo)
if (did_work)
continue;
vpninfo->progress(vpninfo, PRG_TRACE,
vpn_progress(vpninfo, PRG_TRACE,
"No work to do; sleeping for %d ms...\n", timeout);
memcpy(&rfds, &vpninfo->select_rfds, sizeof(rfds));
memcpy(&wfds, &vpninfo->select_wfds, sizeof(wfds));
......
......@@ -203,12 +203,11 @@ struct openconnect_info {
char *quit_reason;
int (*validate_peer_cert) (struct openconnect_info *vpninfo, X509 *cert, const char *reason);
int (*write_new_config) (struct openconnect_info *vpninfo, char *buf, int buflen);
int (*process_auth_form) (struct openconnect_info *vpninfo, struct oc_auth_form *form);
void __attribute__ ((format(printf, 3, 4)))
(*progress) (struct openconnect_info *vpninfo, int level, const char *fmt, ...);
void *cbdata;
openconnect_validate_peer_cert_vfn validate_peer_cert;
openconnect_write_new_config_vfn write_new_config;
openconnect_process_auth_form_vfn process_auth_form;
openconnect_progress_vfn progress;
};
/* Packet types */
......@@ -228,6 +227,8 @@ struct openconnect_info {
#define method_const
#endif
#define vpn_progress(vpninfo, ...) (vpninfo)->progress ((vpninfo)->cbdata, __VA_ARGS__)
/****************************************************************************/
/* tun.c */
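Review bot: The new `vpn_progress()` macro expands its `vpninfo` argument twice and leaves the expansion unparenthesised, so an argument with side effects would be evaluated twice. Every call site in this commit passes a plain variable, so this is hygiene rather than a live bug, but the macro is now the single logging entry point. Suggested form: `#define vpn_progress(vpninfo, ...) ((vpninfo)->progress((vpninfo)->cbdata, __VA_ARGS__))`, with a one-line comment that `vpninfo` is evaluated twice and that `progress` must be non-NULL. The `format(printf, 3, 4)` attribute that was spelled out on the struct member now comes only from the `openconnect_progress_vfn` typedef, so it is worth confirming that format-string warnings still fire through the macro.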
......
......@@ -31,9 +31,12 @@
#include <unistd.h>
#define OPENCONNECT_API_VERSION_MAJOR 1
#define OPENCONNECT_API_VERSION_MINOR 1
#define OPENCONNECT_API_VERSION_MINOR 2
/*
* API version 1.2:
* - Add openconnect_vpninfo_new_with_cbdata()
*
* API version 1.1:
* - Add openconnect_vpninfo_free()
*
......@@ -132,21 +135,42 @@ void openconnect_reset_ssl (struct openconnect_info *vpninfo);
int openconnect_parse_url (struct openconnect_info *vpninfo, char *url);
const char *openconnect_get_version(void);
typedef int (*openconnect_validate_peer_cert_fn) (struct openconnect_info *vpninfo,
struct x509_st *cert, const char *reason);
typedef int (*openconnect_write_new_config_fn) (struct openconnect_info *vpninfo, char *buf,
/* The first (privdata) argument to each of these functions is either
the privdata argument provided to openconnect_vpninfo_new(), or
if that argument was NULL then it'll be the vpninfo itself. */
typedef int (*openconnect_validate_peer_cert_vfn) (void *privdata,
struct x509_st *cert,
const char *reason);
typedef int (*openconnect_write_new_config_vfn) (void *privdata, char *buf,
int buflen);
typedef int (*openconnect_process_auth_form_vfn) (void *privdata,
struct oc_auth_form *form);
typedef void __attribute__ ((format(printf, 3, 4)))
(*openconnect_progress_vfn) (void *privdata, int level,
const char *fmt, ...);
typedef int (*openconnect_validate_peer_cert_fn) (struct openconnect_info *,
struct x509_st *cert,
const char *reason);
typedef int (*openconnect_write_new_config_fn) (struct openconnect_info *, char *buf,
int buflen);
typedef int (*openconnect_process_auth_form_fn) (struct openconnect_info *vpninfo,
typedef int (*openconnect_process_auth_form_fn) (struct openconnect_info *,
struct oc_auth_form *form);
typedef void __attribute__ ((format(printf, 3, 4)))
(*openconnect_progress_fn) (struct openconnect_info *vpninfo, int level,
const char *fmt, ...);
(*openconnect_progress_fn) (struct openconnect_info *, int level,
const char *fmt, ...);
struct openconnect_info *openconnect_vpninfo_new (char *useragent,
openconnect_validate_peer_cert_fn,
openconnect_write_new_config_fn,
openconnect_process_auth_form_fn,
openconnect_progress_fn);
struct openconnect_info *openconnect_vpninfo_new_with_cbdata (char *useragent,
openconnect_validate_peer_cert_vfn,
openconnect_write_new_config_vfn,
openconnect_process_auth_form_vfn,
openconnect_progress_vfn,
void *privdata);
void openconnect_vpninfo_free (struct openconnect_info *vpninfo);
#endif /* __OPENCONNECT_H__ */
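Review bot: The comment introducing the `_vfn` typedefs names the wrong constructor: `openconnect_vpninfo_new()` takes no privdata argument, so the text should read `the privdata argument provided to openconnect_vpninfo_new_with_cbdata(), or if that argument was NULL then it'll be the vpninfo itself`. It would also help API users to state there that callbacks registered through the old `openconnect_vpninfo_new()` always receive the vpninfo pointer. The same comment should note that a caller cannot ask for a NULL first argument through the new function.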
This diff is collapsed.
......@@ -79,7 +79,7 @@
static int local_config_tun(struct openconnect_info *vpninfo, int mtu_only)
{
if (!mtu_only)
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"No vpnc-script configured. Need Solaris IP-setting code\n");
return 0;
}
......@@ -153,7 +153,7 @@ static int process_split_xxclude(struct openconnect_info *vpninfo,
slash = strchr(route, '/');
if (!slash) {
badinc:
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"Discard bad split %sclude: \"%s\"\n",
in_ex, route);
return -EINVAL;
......@@ -365,7 +365,7 @@ static int script_config_tun(struct openconnect_info *vpninfo)
{
if (system(vpninfo->vpnc_script)) {
int e = errno;
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"Failed to spawn script '%s': %s\n",
vpninfo->vpnc_script, strerror(e));
return -e;
......@@ -428,7 +428,7 @@ int setup_tun(struct openconnect_info *vpninfo)
if (errno != -ENOENT)
tunerr = errno;
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"Failed to open tun device: %s\n",
strerror(tunerr));
exit(1);
......@@ -439,7 +439,7 @@ int setup_tun(struct openconnect_info *vpninfo)
strncpy(ifr.ifr_name, vpninfo->ifname,
sizeof(ifr.ifr_name) - 1);
if (ioctl(tun_fd, TUNSETIFF, (void *) &ifr) < 0) {
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"TUNSETIFF failed: %s\n",
strerror(errno));
exit(1);
......@@ -518,7 +518,7 @@ int setup_tun(struct openconnect_info *vpninfo)
return -EIO;
}
/* Solaris tunctl needs this in order to tear it down */
vpninfo->progress(vpninfo, PRG_DEBUG, "mux id is %d\n", mux_id);
vpn_progress(vpninfo, PRG_DEBUG, "mux id is %d\n", mux_id);
vpninfo->tun_muxid = mux_id;
vpninfo->ip_fd = ip_fd;
......@@ -618,7 +618,7 @@ int tun_mainloop(struct openconnect_info *vpninfo, int *timeout)
static int complained = 0;
if (!complained) {
complained = 1;
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"Unknown packet (len %d) received: %02x %02x %02x %02x...\n",
len, data[0], data[1], data[2], data[3]);
}
......@@ -651,7 +651,7 @@ void shutdown_tun(struct openconnect_info *vpninfo)
if (vpninfo->vpnc_script) {
setenv("reason", "disconnect", 1);
if (system(vpninfo->vpnc_script) == -1) {
vpninfo->progress(vpninfo, PRG_ERR,
vpn_progress(vpninfo, PRG_ERR,
"Failed to spawn script '%s': %s\n",
vpninfo->vpnc_script,
strerror(errno));
......
......@@ -75,7 +75,7 @@ int config_lookup_host(struct openconnect_info *vpninfo, const char *host)
for (i = 0; i < SHA_DIGEST_LENGTH; i++)
sprintf(&vpninfo->xmlsha1[i*2], "%02x", sha1[i]);
vpninfo->progress(vpninfo, PRG_TRACE, "XML config file SHA1: %s\n", vpninfo->xmlsha1);
vpn_progress(vpninfo, PRG_TRACE, "XML config file SHA1: %s\n", vpninfo->xmlsha1);
xml_doc = xmlReadMemory(xmlfile, st.st_size, "noname.xml", NULL, 0);
munmap(xmlfile, st.st_size);
......